Resurrecting Active Directory After a Ransomware Attack
Date: Tuesday, September 13 at 11am PT / 2pm ET
With cybercrime on the rise, ransomware attacks that target Active Directory (AD)—the primary identity store for most businesses worldwide—are as common as having a cup of coffee. According to Mandiant consultants, 90 percent of cyber incidents they investigate involve AD in one way or another. Given that an attack on AD is a “when” rather than “if” scenario, organizations must have a tested plan and purpose-built solutions for recovering AD after a cyberattack. Do you have such a disaster recovery (DR) plan? Have you ever tested your backups?
In this session, Jorge de Almeida Pinto will discuss key considerations, potential mistakes, and different options to evaluate when developing your AD DR plan What you’ll learn:
How to proactively secure and protect AD from cyberattacks by enforcing administrative tiering best practices, preventing lateral movement, uncovering compromised passwords, and more
Why the ability to recover AD in a cyberattack scenario is a must-have for organizations because of AD’s role in providing access and authentication to business-critical applications, addressing risk management, ensuring business continuity, and more
AD cyberattack scenarios to address, including multiple (or entire) domain controller outages and irreversible malicious changes
Points to consider when developing an AD DR plan, including the decision-making process, backup scenarios, password vaults, and DR plan documentation
Limitations of the Microsoft guidelines for manually recovering AD
How to automate AD recovery to save time during a cyber incident and accelerate recovery of business operations
About the presenters:
Jorge de Almeida Pinto, Solutions Architect and Product Manager of Active Directory Forest Recovery, Semperis
Jorge de Almeida Pinto, Semperis Solutions Architect and Product Manager of Active Directory Forest Recovery, has been a Microsoft MVP since 2006 with a specific focus on designing, implementing, and securing Microsoft Identity & Access Management (IAM) technologies. Holding various Microsoft certifications, his experience includes Active Directory (AD) design and implementation, training, presenting, developing security-related scripts and tools, and developing and implementing AD and Azure migration and disaster plans.